1. Field of the Invention
The present invention relates to a method and apparatus for managing and assuring an internet user's privacy directives.
2. Description of the Prior Art and Related Information
Consumers read articles with titles such as “Watchdog group flunks Google on privacy practices,” “Online Privacy Concerns Increase,” or “Internet privacy gets Congress' attention,” and wonder how to protect themselves. Surveys show a majority of Internet users are not comfortable with current uses of behavioral targeting online and many would block such tracking if possible. Cookies, which are the predominant method for the tracking of consumer behavior online, are a technology standard of the Internet Engineering Task Force (IETF) as a part of the Hypertext Transfer Protocol (HTTP). They enable data to be stored on the user's computer, managed by the web browser and sent to the appropriate web site when the web site is visited.
Advertising networks (such as DoubleClick and Advertising.com), Internet Content Providers (such as CNN.com and NBC.com), social networks (such as Facebook and Twitter), and search engines (such as Google and Yahoo) are among those parties which use cookies and other methods to record information about internet users for use in future advertising and content personalization. Users desiring to opt-out of these services often face significant hurdles in doing so. Hundreds of different advertising networks, millions of domains, and the inherent weaknesses of using cookies as a means of persisting user choice, further complicate these hurdles.
Many online advertising networks, portals, publishers, social networks, and e-commerce sites use cookies to identify users and, often, the preferences or targeting data related to individual users. These cookies have a tremendous value to the web browsing experience, allowing users to return to frequently visited sites where a cookie is used to remember the identity of the user without requiring a log in. However, since these cookies, and other similar technologies, such as flash cookies, DOM storage, browser fingerprinting and static IP address identification, allow an online advertiser to target the user, advertising networks provide opt-out capabilities.
Cookie churn is the term given to the rate at which a particular user removes one or more cookies from their computer. Users who employ anti-virus software such as Norton or anti-spyware software such as Yahoo's Toolbar remove many cookies regularly in order to provide themselves with a measure of online privacy. However, there are techniques for re-associating a user with a new cookie. Since most advertising networks, portals, publishers, and social networks use cookies as a means of storing the user's privacy preference, this problem of cookie churn is magnified because cookies not only store the information for targeting, but they also store the user's choice to opt out of the targeting. When the opt-out cookie is lost, the user becomes eligible to be targeted, thereby negating their prior privacy choices. There are several reasons that cookies may be lost, and many happen without the user being aware of the loss: 1) the purchase of a new network device, or reloading the operating system of an existing device; 2) the use of a new or updated web browser; 3) the use of a separate user profile on the same device to access the internet; 4) existing choice cookies are inadvertently deleted; 5) existing choice cookies are removed by a security program; or 6) the choice cookies expire. Most users are not aware that their privacy choices can be “forgotten” so easily.
Another frustration for internet users is the fact that there are hundreds of advertising networks, and many of these advertising networks do not presently provide a privacy choice mechanism to begin with. Even for those networks which do support a privacy choice mechanism, consenting users find themselves confused by what information has been collected and is being used by the advertising networks.
These means of handling consumer privacy and choice have been flawed since their very inception. Cookies are an inefficient method for storing information that must persist. Cookies were intended by RFC 2109 of the Hypertext Transfer Protocol (HTTP) to be “a way to create stateful sessions with HTTP requests and responses.” In addition the authors of RFC 2109 caution against the long-term storage of cookies: “User agents [web browser software] should probably be cautious about using files to store cookies long-term.”
Since cookies were designed for session-based access to Internet content and shopping carts, it is no wonder that the online privacy model using cookies is flawed and presents a false sense of online privacy to the user.
Accordingly, there exists a need to enable Internet users to manage their privacy for all their Internet devices without relying on cookies while preserving the ability for advertising networks to advertise profitably. The present invention satisfies these needs.